Is Your Company's Top 10 Up to Date?
Earlier this year the OWASP foundation released an updated Top Ten security risks list for the industry. How recently have you updated your list?
Join Coveros Managing Consultant Derek Evans to learn about using risk-based testing to discover your company's most critical security risks. Explore how this approach tackles your highest risk during projects and helps reduce technical debt.
In this session you will learn how to:
- Prioritize your risk versus OWASP's to enable reducing an attack surface and vectors
- Roll your own risk and attack intelligence information
- Change your own top 10 for the better
Derek Evans
Derek Evans been in the application security sector for 15 years, working in eight different industries and rising through the ranks to serve as AppSec and DevOps director. At the tactical level, he has worked to advise clients on implementation and maturity of their software security initiatives, security assessment programs (penetration testing, DAST, SAST, SCA, threat modeling, IAST, etc.), integration of security activities in the SDLC and CI/CD automated pipelines, and software security risk management. As a Managing Consultant, Derek is responsible for delivery of services and for technical leadership.